If you use Magento multi-store feature, you possibly know that visitors of the store cannot sign up for newsletters of all multi-stores. Store visitor will be able to sign up only for one store.

Lets imagine that you have two multi-stores: one for Gifts and other for Chocolate. If some of your visitor will open Gifts store and sign up for Gifts newsletter, Magento will record it. However if the same visitor will come to Chocolate store the other day and submit his email in newsletter box, in this case Magento will remove his email from Gifts newsletter and add him to Chocolate newsletter. By default it is not possible to sign up for News of both stores.

The Zend Framework vulnerability potentially allows an attacker to read any file on the web server where the Zend XMLRPC functionality is enabled. So potentially an attacker can read configuration file of your Magento installation.

If you want to install some module from Magento Connect, but you cannot use 'Magento Connect Manager' for some reason, in this case you can download Magento module package in TGZ file format manually and upload it to your Magento store via FTP or control panel file manager.